1722 matches found
CVE-2026-58487 HedgeDoc: Stored HTML injection via email local-part
HedgeDoc is an open source, real-time, collaborative, markdown notes application. Prior to version 1.11.0, due to unsafe handling of the local-part of registered email addresses, HedgeDoc was vulnerable to stored HTML Injection through its publish and slide views. An attacker could register a...
CVE-2026-58487 HedgeDoc: Stored HTML injection via email local-part
HedgeDoc is an open source, real-time, collaborative, markdown notes application. Prior to version 1.11.0, due to unsafe handling of the local-part of registered email addresses, HedgeDoc was vulnerable to stored HTML Injection through its publish and slide views. An attacker could register a...
PT-2026-57722
Name of the Vulnerable Software and Affected Versions Aman CF7 Views versions prior to 3.2.3 Description A DOM-Based Cross-site Scripting XSS issue exists due to improper neutralization of input during web page generation. This allows stored scripts to execute within the user's browser...
EUVD-2026-42637
PayRange Android app, version 7.0.7 and below, contains an SSL bypass vulnerability that allows invalid certificates to be accepted in application webviews. A remote and unauthenticated attacker can steal information that the user sends...
CVE-2026-15188
A weakness has been identified in manjurulhoque django-job-portal up to dfa352f305bba44445ac5dc12e9b2a98c9dcd71f. Affected by this vulnerability is the function EditEmployeeProfileAPIView of the file accounts/api/views.py of the component Employee Dashboard Endpoint. This manipulation of the...
EUVD-2026-42477
Use after free in Views in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...
EUVD-2026-42483
Use after free in Views in Google Chrome prior to 150.0.7871.115 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
Google Chrome < 150.0.7871.114 Multiple Vulnerabilities
The version of Google Chrome installed on the remote macOS host is prior to 150.0.7871.114. It is, therefore, affected by multiple vulnerabilities as referenced in the 202607stable-channel-update-for-desktop01162222768 advisory. - Use after free in Autofill in Google Chrome on Android prior to...
Google Chrome < 150.0.7871.114 Multiple Vulnerabilities
The version of Google Chrome installed on the remote Windows host is prior to 150.0.7871.114. It is, therefore, affected by multiple vulnerabilities as referenced in the 202607stable-channel-update-for-desktop01162222768 advisory. - Use after free in Autofill in Google Chrome on Android prior to...
CVE-2026-15129
Use after free in Views in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...
DEBIAN-CVE-2026-15111
Use after free in Views in Google Chrome prior to 150.0.7871.115 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
CVE-2026-15111
Use after free in Views in Google Chrome prior to 150.0.7871.115 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
CVE-2026-15111
Use after free in Views in Google Chrome prior to 150.0.7871.115 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
CVE-2026-15111
Use after free in Views in Google Chrome prior to 150.0.7871.115 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
CVE-2026-15111
CVE-2026-15111 is a Chrome vulnerability: a use-after-free in Views causing heap corruption when a user is tricked into specific UI gestures on a crafted HTML page. Affected software: Google Chrome prior to 150.0.7871.115. Root cause: use-after-free in Views leading to potential heap corruption. ...
CVE-2026-15111
Use after free in Views in Google Chrome prior to 150.0.7871.115 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
CVE-2026-15129
CVE-2026-15129 describes a Use-After-Free in Chrome’s Views component (Chromium) prior to version 150.0.7871.115. A crafted HTML page can trigger heap corruption, enabling a remote attacker to potentially exploit the vulnerability. Affected software: Google Chrome on desktop (Windows, macOS, Linu...
CVE-2026-15129
Use after free in Views in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...
CVE-2026-15129
Use after free in Views in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...
CVE-2026-15129
Use after free in Views in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...